This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ACL question

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Morning,

I'm just trying to get my head around Access Control lists and the inverse mask using this here page.

Can be summarised into one address: 192.168.32.0/21 or 192.168.32.0 255.255.248.0 to give you the inverse mask of 0.0.7.255.

This makes sense so far and I think I understand it.

However, in the next example, these addresses;

192.168.146.0/24
192.168.147.0/24
192.168.148.0/24
192.168.149.0/24

Can not be summarised into one network address, you need a minimum of 2 networks. Yet when you write them out in binary the first 5 bits of the third octet are all the same and is the same as the first example.

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

First off, just to make sure we're clear, you've stated ACL (Access Control Lists) in the header but the real question is about summarization.
OK so let's try this.
The thing to remember is that route summarization is used to combine a number of routes into fewer statements, thus it takes less memory and processor resources.

You'll see that the problem is not only does the summarization cover the routes in the question, but also everything else between:
192.168.144.0 - 192.168.159.0 That's way beyond the scope of the question.
What does it mean? Any route between the summarized range will be advertised out this router.

By using 2 more bits you can summarize without capturing the extra routes:
11000000.10101000.100100xx. - includes: 192.168.146-147
11000000.10101000.100101xx. - includes: 192.168.148-149

Hope that helps...
It's pretty early for me, so if it doesn't make sense let me know

The reason I stated ACL's was because that was what I was reading up on when summarisation popped on to the scene. Didn't realise it was a different subject, but now I do it's something else to go and learn!

CertForums.com is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco®, Cisco Systems®, CCDA™, CCNA™, CCDP™, CCNP™, CCIE™, CCSI™; the Cisco Systems logo and the CCIE logo are trademarks or registered trademarks of Cisco Systems, Inc. All other trademarks, including those of Microsoft, CompTIA, VMware, Juniper ISC(2), and CWNP are trademarks of their respective owners.